This website uses cookies to enhance your browsing experience. Please note that by continuing to use this site you consent to the terms of our Privacy Notice.



Click here to download as PDF

ORCHESTRATION and AUTOMATION | Empowering customers to detect, investigate and respond to security threats across the enterprise — faster and smarter

The Falcon Platform offers Elevate Partners and our mutual customers an open framework for the development and deployment of security services that defend against all types of attacks and share threat data and actor profiles — all delivered from a superior native cloud-based architecture.


With CrowdStrike Orchestration and Automation (O&A), our Elevate Partners can extend their security offerings’ O&A capabilities so our mutual customers can more quickly detect, investigate and respond to security threats.

This joint solution utilizes Falcon Connect, our collection of APIs, applications and tools that enable enterprise customers to add new processes and procedures to security workflows (or “playbooks”) to manage and automate the entire incident response lifecycle.

Cloud Delivered


  • Continually reveal new threats utilizing CrowdStrike data: CrowdStrike’s Falcon Host endpoint integration allows customers to discover potential threats more quickly and accurately by leveraging information from the CrowdStrike Threat GraphTM database. Enriching that information with the Falcon Intelligence threat feed data enables a level of protection previously not achievable.
  • Automate breach investigation workflows with enhanced endpoint visibility: Security administrators can quickly leverage the power of Falcon Host with historical and real-time queries into endpoint activity, as well as investigating any and all threats leveraging the rich data from Falcon Intelligence. This combination provides customers with smarter and deeper visibility when investigating potential breaches.

About CrowdStrike

CrowdStrike is the leader in next-generation endpoint protection, threat intelligence and response services. CrowdStrike’s core technology, the CrowdStrike FalconTM platform, stops breaches by preventing and responding to all types of attacks – both malware and malware-free. CrowdStrike has revolutionized endpoint protection by combining three crucial elements: next-generation antivirus, endpoint detection and response (EDR), and a 24/7 managed hunting service — all powered by intelligence and uniquely delivered via the cloud in a single integrated solution. CrowdStrike FalconTM uses the patent-pending CrowdStrike Threat GraphTM to analyze and correlate billions of events in real time, providing complete protection and five-second visibility across all endpoints.

  • Orchestrate rapid threat response: Customers can respond to breaches in an automated fashion with improved accuracy and speed. Leveraging Falcon Connect, customers can contain endpoints to only the resources necessary to remediate and protect them from further damage or intrusions. And Falcon Intelligence gives greater visibility throughout the entire incident response lifecycle.

Solution Benefits:

  • Automate threat hunting, investigation,
    response and remediation
  • Breach response becomes more efficient–and thus more cost effective
  • Continually discover new threats by leveraging the power of the CrowdStrike Threat GraphTM
  • Falcon Host becomes exponentially more powerful by aggregating additional Indicators of Compromise (IOCs) from third-party sources
  • Automatic enrichment and querying of host information
  • Trigger threat responses automatically via the rich telemetry generated by the Falcon Platform
  • Diagnose security incidents more efficiently and effectively with Falcon Intelligence

1.888.512.8906 |


Try CrowdStrike Free for 15 Days Get Started with A Free Trial